21 results found

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Created 2013-07-16
5,345 commits to master branch, last one 21 hours ago
ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...
Created 2015-07-01
11,253 commits to develop branch, last one a day ago
310
1.9k
mit
33
Payments for Ruby on Rails apps
Created 2017-02-01
1,715 commits to main branch, last one 4 days ago
169
1.7k
apache-2.0
25
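An open source tool focused on software supply chain security. MurphySec focuses on software supply chain security, with professional software composition analysis (SCA), vulnerability detection, and a professional vulnerability database.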
Created 2022-03-16
1,404 commits to v3 branch, last one a day ago
308
1.6k
apache-2.0
41
A suite of tools to automate software compliance checks.
Created 2017-10-19
16,361 commits to main branch, last one 18 hours ago
114
1.1k
apache-2.0
155
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...
Created 2021-12-30
985 commits to master branch, last one 21 days ago
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...
Created 2020-01-28
369 commits to master branch, last one 3 days ago
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...
Created 2021-12-12
101 commits to master branch, last one 2 years ago
158
557
apache-2.0
17
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission t...
Created 2019-12-30
1,354 commits to master branch, last one 3 days ago
The xAST evaluation benchmark makes security tools no longer a "black box".
Created 2022-12-26
184 commits to main branch, last one about a month ago
A source code static analysis platform for AppSec enthusiasts.
Created 2023-01-06
387 commits to main branch, last one 10 days ago
prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
Created 2019-02-04
2,130 commits to master branch, last one 3 months ago
84
109
apache-2.0
14
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...
Created 2020-09-10
1,017 commits to main branch, last one 4 days ago
Checks whether the third-party dependencies of a Maven project contain security vulnerabilities.
Created 2020-07-29
31 commits to master branch, last one 2 years ago
29
98
cc0-1.0
9
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
Created 2021-05-29
9 commits to main branch, last one 2 years ago
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
Created 2020-01-20
235 commits to master branch, last one 23 days ago
Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning
Created 2022-07-04
242 commits to main branch, last one a day ago
clojure deps SCA
Created 2021-12-24
118 commits to main branch, last one 18 days ago
15
55
mit
8
Python Elliptic Curve Side-Channel Analysis toolkit.
Created 2019-03-14
753 commits to master branch, last one 22 days ago
Detections for CVE-2021-44228 inside of nested binaries
Created 2021-12-11
20 commits to main branch, last one 2 years ago
7
33
gpl-3.0
1
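RyzeSCA is a software composition analysis tool from the M-SEC community that strengthens DevSecOps; it analyzes and manages the security risks of open source components during software development.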
Created 2023-12-27
4 commits to main branch, last one 9 months ago